Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

BCPIX-LTS

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-5588
Assigner-91579145-5d7b-4cc5-b925-a0262ff19630
ShareView Details
Assigner-91579145-5d7b-4cc5-b925-a0262ff19630
CVSS Score-6.3||MEDIUM
EPSS-0.01% / 2.11%
||
7 Day CHG~0.00%
Published-15 Apr, 2026 | 09:06
Updated-08 May, 2026 | 06:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PKIX draft CompositeVerifier accepts empty signature sequence as valid.

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules), Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All (pkix modules), Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All (pkix modules). This vulnerability is associated with program files JcaContentVerifierProviderBuilder.Java, JcaContentVerfierProviderBuilder.Java. This issue affects BC-JAVA: from 1.67 before 1.84; BCPKIX-FIPS: from 2.0.6 before 2.0.11, from 2.1.7 before 2.1.11; BCPIX-LTS: from 2.73.7 before 2.73.11.

Action-Not Available
Vendor-Legion of the Bouncy Castle Inc.
Product-BCPIX-LTSBCPKIX-FIPSBC-JAVA
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm